Skip to Main Content
A network intrusion detection system (NIDS) based on genetic-fuzzy association rules is presented in the paper, which mines rules in an incremental manner in order to meet the real-time requirement of a NIDS. More precisely, the proposed NIDS adopts the incremental mining of fuzzy association rules from network traffic, in which membership functions of fuzzy variables are optimized by a genetic algorithm. The proposed online system belongs to anomaly detection, not misuse detection. Some denial-of-service (DoS) attacks were experimented in this study to show the performance of the proposed NIDS. The results show that the proposed NIDS can detect DoS attacks in both effectiveness and efficiency.